How much will it cost? Calculate your home loan repayments

51% attack livestreamer banned while hacking Bitcoin Private

{"theme":"dark","direction":"horizontal","showArrows":true,"splitTitle":true,"playerOptions":{"captions":true,"popupOnScroll":true,"subscribe":{"title":"Subscribe","url":"https://www.youtube.com/channel/UCKvc0WUB65GCvOTgPVJ9yRA?sub_confirmation=1","visibleOnMain":true,"visibleOnPopup":true}},"active":{"index":0,"start":52,"end":null,"thumb":"https://d1ic4altzx8ueg.cloudfront.net/finder-au/wp-uploads/2018/10/Harry-Generic.jpg","thumbAnimation":"kenburns-top-right","heading":{"small":"WATCH","large":"Everything you need to know about stablecoins."}},"yt":{"method":"playlistItems","params":{"playlistId":"PLUrt4pAH4g29Uw8QifHtSvvdWuFtDmz6V","type":"video","part":"snippet,id,contentDetails"}},"banner":true}

They made it look easy, until their stream was shutdown.

Last week an anonymous chap going by the handle GeoCold – a reference to George Hotz's hacking alias of "GeoHot" – decided to livestream a 51% attack on the minnow Einsteinium cryptocurrency for the sake of science.

A 51% attack is when you gain a majority of a coin's mining power, then use that to fork into your own longer chain which eventually overwrites the "real" chain.

Change of plans

The first change was that Einsteinium was off the hook. GeoCold decided to go for a bigger target, which he had said might happen if enough donations arrived. He raised some $800 for the attacks, he said on Reddit, which was enough to go after some larger game.

In this case that game was Bitcoin Private, a moderately ill-fated-to-date cryptocurrency that has experienced a constantly declining price since its fork, events like developers running off with project funds and now a public 51% attack.

It's a quite soft target, with a few hundred bucks being enough to take control of the network for long enough to execute a successful attack.

It started off according to plan, and GeoCold managed to yank 70% of Bitcoin Private's hashing power. He was about to fork it, he said, when he was banned from the streaming platform. He was first banned from Twitch, and then another platform.

The not entirely inaccurate reason given was "attempts or threats to harm."

GeoCold shared the following step by step guide to 51% attacks with BleepingComputer. He says he got up to Step 6 before the stream went down, and then did Step 7 offline, and could have completed the demonstration but would rather have done so with an audience.

That he got that far suggests an actual exchange somewhere did fall victim to the attack, buying some of the soon-to-disappear BTCP from GeoCold.

Given how many coins are vulnerable, and how apparently easy it is to successfully pull off an attack, it really is a wonder why it doesn't happen more often.

How to 51% attack

"Get two servers with the same wallet running on it.

On one server setup a mining pool, we’ll call this the offline server.

Disconnect that server’s wallet from all its peers on the network.

Send a transaction from address A (which is on both wallets/servers) to address B which is just an arbitrary address we also own.

Then, start mining with a greater hashrate than 50% the hashrate of the coin so that we can consistently (in aggregate at least) get a longer blockchain than the normal network.

Next, on the online server/wallet, we send the money we just sent on the offline server to an exchange. We wait for it to deposit to go through and then exchange it for another coin like Bitcoin and withdraw that.

By this point, we’ll have a longer blockchain on our offline server that contains a transaction that conflicts with the one we just sent to the exchange.

We take the offline server online and then the world is told about our new, longer blockchain and they all use it because it’s longer. They go through and merge their chain with mine and in doing they see that there’s a conflicting transaction (the on to the exchange and the one from wallet A to wallet B). They pick the one from A to B because it’s part of the longer chain.

Boom, you’re done, you’ve doubled your money via crypto magic."

Disclosure: At the time of writing the author holds ETH, IOTA, ICX, VET, XLM, BTC, ADA

Disclaimer:
This information should not be interpreted as an endorsement of cryptocurrency or any specific provider,
service or offering. It is not a recommendation to trade. Cryptocurrencies are speculative, complex and
involve significant risks – they are highly volatile and sensitive to secondary activity. Performance
is unpredictable and past performance is no guarantee of future performance. Consider your own
circumstances, and obtain your own advice, before relying on this information. You should also verify
the nature of any product or service (including its legal status and relevant regulatory requirements)
and consult the relevant Regulators' websites before making any decision. Finder, or the author, may
have holdings in the cryptocurrencies discussed.

Disclaimer - Hive Empire Pty Ltd (trading as finder.com.au, ABN: 18 118 785 121) provides factual information, general advice and services on financial products as a Corporate Authorised Representative (432664) of Advice Evolution Pty Ltd AFSL 342880. Please refer to our FSG - Financial Products. We also provide general advice on credit products under our own Credit Licence ACL 385509. Please refer to our Credit Guide for more information. We can also provide you with general advice and factual information on about a range of other products, services and providers. We are also a Corporate Authorised Representative of Countrywide Tolstrup Financial Services Group Pty Ltd. ABN 51 586 953 292 AFSL 244436 for the provision of general insurance products. Please refer to our FSG - General Insurance. We hope that the information and general advice we can provide will help you make a more informed decision. We are not owned by any Bank or Insurer and we are not a product issuer or a credit provider. Although we cover a wide range of products, providers and services we don't cover every product, provider or service available in the market so there may be other options available to you. We also don't recommend specific products, services or providers. If you decide to apply for a product or service through our website you will be dealing directly with the provider of that product or service and not with us. We endeavour to ensure that the information on this site is current and accurate but you should confirm any information with the product or service provider and read the information they can provide. If you are unsure you should get independent advice before you apply for any product or commit to any plan. (c) 2018.

Thank you for your feedback.

Our goal is to create the best possible product, and your thoughts, ideas and suggestions play a major role in helping us identify opportunities to improve.

Important information about this website

finder.com.au is one of Australia's leading comparison websites. We compare from a wide set of major banks, insurers and product issuers.

finder.com.au has access to track details from the product issuers listed on our sites. Although we provide information on the products offered by a wide range of issuers, we don't cover every available product. You should consider whether the products featured on our site are appropriate for your needs and seek independent advice if you have any questions.

Products marked as 'Promoted' or "Advertisement" are prominently displayed either as a result of a commercial advertising arrangement or to highlight a particular product, provider or feature. Finder may receive remuneration from the Provider if you click on the related link, purchase or enquire about the product. Finder's decision to show a 'promoted' product is neither a recommendation that the product is appropriate for you nor an indication that the product is the best in its category. We encourage you to use the tools and information we provide to compare your options and find the best option for you.

The identification of a group of products, as 'Top' or 'Best' is a reflection of user preferences based on current website data. On a regular basis, analytics drive the creation of a list of popular products. Where these products are grouped, they appear in no particular order.

Where our site links to particular products or displays 'Go to site' buttons, we may receive a commission, referral fee or payment.

We try to take an open and transparent approach and provide a broad based comparison service. However, you should be aware that while we are an independently owned service, our comparison service does not include all providers or all products available in the market.

Some product issuers may provide products or offer services through multiple brands, associated companies or different labelling arrangements. This can make it difficult for consumers to compare alternatives or identify the companies behind the products. However, we aim to provide information to enable consumers to understand these issues.

Providing or obtaining an estimated insurance quote through us does not guarantee you can get the insurance. Acceptance by insurance companies is based on things like occupation, health and lifestyle. By providing you with the ability to apply for a credit card or loan we are not guaranteeing that your application will be approved. Your application for credit products is subject to the Provider's terms and conditions as well as their application and lending criteria.

Please read our website terms of use for more information about our services and our approach to privacy.